iankelling.org Git - distro-setup/blob - filesystem/usr/local/bin/check-lets-encrypt-ssl-settings

   1 #!/bin/bash
   2 # I, Ian Kelling, follow the GNU license recommendations at
   3 # https://www.gnu.org/licenses/license-recommendations.en.html. They
   4 # recommend that small programs, < 300 lines, be licensed under the
   5 # Apache License 2.0. This file contains or is part of one or more small
   6 # programs. If a small program grows beyond 300 lines, I plan to switch
   7 # its license to GPL.
   8
   9 # Copyright 2024 Ian Kelling
  10
  11 # Licensed under the Apache License, Version 2.0 (the "License");
  12 # you may not use this file except in compliance with the License.
  13 # You may obtain a copy of the License at
  14
  15 #     http://www.apache.org/licenses/LICENSE-2.0
  16
  17 # Unless required by applicable law or agreed to in writing, software
  18 # distributed under the License is distributed on an "AS IS" BASIS,
  19 # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
  20 # See the License for the specific language governing permissions and
  21 # limitations under the License.
  22
  23 # Copyright (C) 2016 Ian Kelling
  24
  25 # Licensed under the Apache License, Version 2.0 (the "License");
  26 # you may not use this file except in compliance with the License.
  27 # You may obtain a copy of the License at
  28
  29 #     http://www.apache.org/licenses/LICENSE-2.0
  30
  31 # Unless required by applicable law or agreed to in writing, software
  32 # distributed under the License is distributed on an "AS IS" BASIS,
  33 # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
  34 # See the License for the specific language governing permissions and
  35 # limitations under the License.
  36
  37 source ~/.bashrc
  38
  39 if [[ ! -e /dev/shm/iank-status ]]; then
  40   exit 0
  41 fi
  42 eval $(< /dev/shm/iank-status)
  43
  44 if [[ $HOSTNAME != "$MAIL_HOST" || $HOST2 && $HOST2 != "$HOSTNAME" ]]; then
  45   exit 0
  46 fi
  47
  48 lock_file=/tmp/check-lets-encrypt-ssl-settings
  49 if [[ -e $lock_file ]]; then
  50   exit 0
  51 fi
  52
  53 d=/a/opt/certbot
  54 gitget https://github.com/certbot/certbot.git $d |& ts "%F %T" >>/tmp/${0##*/}.log
  55 cd $d
  56
  57 f=certbot-apache/certbot_apache/_internal/tls_configs/current-options-ssl-apache.conf
  58 out=$(git log -p --since 2022-05-14 $f)
  59
  60 if [[ $out ]]; then
  61   cat <<EOF
  62 Let's encrypt has new ssl settings.
  63 1. edit mail-setup if needed: search for check-lets-encrypt-ssl-settings
  64 2. edit web-conf, search for common_ssl_conf
  65 3. Update servers if needed
  66 4. edit the date in /a/bin/ds/filesystem/usr/local/bin/check-lets-encrypt-ssl-settings
  67 5. rm $lock_file
  68 The change is:
  69 $out
  70 EOF
  71   touch $lock_file
  72 fi